Authentication

Token endpoint (Identity Server)

Partners should request tokens directly from Identity Server.

Sandbox: POST https://sandbox-is4.cloudrx.co.uk/connect/token
Production: POST https://is4.cloudrx.co.uk/connect/token

Use OAuth2 Client Credentials.

Request body (`application/x-www-form-urlencoded`)

grant_type=client_credentials
client_id=<your_client_id>
client_secret=<your_client_secret>
scope=cloudrx_orderservice,cloudrx_productservice,cloudrx_smsservice,cloudrx_courierservice

cURL example

curl --request POST \
	--url 'https://<identity-server-host>/connect/token' \
	--header 'Content-Type: application/x-www-form-urlencoded' \
	--data-urlencode 'grant_type=client_credentials' \
	--data-urlencode 'client_id=<your_client_id>' \
	--data-urlencode 'client_secret=<your_client_secret>' \
	--data-urlencode 'scope=cloudrx_orderservice,cloudrx_productservice,cloudrx_smsservice,cloudrx_courierservice'

Success response

200 OK

{
	"access_token": "<jwt_access_token>",
	"expires_in": 3600,
	"token_type": "Bearer",
	"scope": "cloudrx_orderservice,cloudrx_productservice,cloudrx_smsservice,cloudrx_courierservice"
}

Error responses

400: invalid grant/request
401: invalid client credentials
500: unexpected server error

Token usage

Pass the token in all secured endpoint calls:

Authorization: Bearer <jwt_access_token>

Notes

Product/search is the only anonymous endpoint in v2.
Keep credentials in secure secret storage.
Rotate secrets according to your organization security policy.

PreviousGetting Started NextOrders

Last updated 1 day ago

Was this helpful?

hashtagToken endpoint (Identity Server)

hashtagRequest body (application/x-www-form-urlencoded)

hashtagcURL example

hashtagSuccess response

hashtagError responses

hashtagToken usage

hashtagNotes